[Snort-devel] [SNORT-DEVEL] Fix memory leak in Snort

Josh Rosenbaum (jrosenba) jrosenba at ...3461...
Mon May 19 09:44:12 EDT 2014

Hi Bill,

Thank you for both reporting this bug and the patch.  The problem has already been fixed and will be part of the next Snort release.


From: Bill Parker <wp02855 at ...2499...<mailto:wp02855 at ...2499...>>
Date: Sunday, May 18, 2014 at 6:55 PM
To: "snort-devel at lists.sourceforge.net<mailto:snort-devel at ...362....net>" <snort-devel at lists.sourceforge.net<mailto:snort-devel at ...2763...rge.net>>
Subject: [Snort-devel] [SNORT-DEVEL] Fix memory leak in Snort

Hi All,

   In reviewing file 'luaDetectorApi.c' in directory
'snort-', I found
a small memory leak involving variable 'schemePattern' where
the memory isn't released due to a strdup() call failing.

The patch file is listed below:

--- luaDetectorApi.c.orig       2014-03-09 18:35:09.650653721 -0700
+++ luaDetectorApi.c    2014-05-17 19:44:33.408223503 -0700
@@ -2102,6 +2120,14 @@
     if(tmpString  && queryPatternSize)
         queryPattern = (u_int8_t*) strdup(tmpString);
+       if (!queryPattern)
+       {
+           _dpd.errMsg( "Invalid query pattern string.");
+           free(pathPattern);
+           free(hostPattern);
+           free(schemePattern);
+           return 0;
+       }

     u_int32_t appId           = lua_tointeger(L, index++);

The free(schemePattern); was left out of the previously submitted
patch for this file (my bad) <duh>.

I'm attaching the patch file to this bug report.

Bill Parker (wp02855 at gmail dot com)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-devel/attachments/20140519/bfc8810e/attachment.html>

More information about the Snort-devel mailing list